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DETAILED ACTION 

1 . This Office action is in response to the amendment filed on January 30, 2006. 

2. Claims 1-5 and 8-21 are pending. 

3. Claims 1,11-15, 1 7-21 are amended. 

4. Claims 6 and 7 are canceled. 

5. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 

Response to Amendment 

6. The objection to claim 14 is withdrawn as the amendment to the claim 
overcomes the objection. 

7. The amendment to claim 1 8 does not rectify all the 112/2"^ paragraph issues to 
this claim: in particular, there is insufficient antecedent basis for the limitation "the first 
value" (line 2). 

8. The 101 rejections to claims 1-5 and 8-21 are withdrawn as the amendments 
overcome the 101 rejections. 

Response to Arguments 

9. Applicant's arguments with respect to amended claims 1-5 and 8-21 have been 
considered but are moot in view of the new ground(s) of rejection. 
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Claim Rejections - 35 USC §112 

1 0. The following is a quotation of the second paragraph of 35 U.S.C. 1 1 2: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

11. Claim 18 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 

12. Claim 18 recites the limitation "the first value" (line 2). There is insufficient 
antecedent basis for this limitation in the claim. 

Claim Rejections - 35 USC § 103 

13. Claims 1-5. 8-17 and 19-21 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Gong USPN 6,125,447 (hereinafter Gong) in view of Drews USPN 
6,463,535 (hereinafter Drews). 

14. As per claim 1 , Gong discloses a method of associating a permission set with an 
action based on evidence characterized by different levels of trust, the method 
implemented at least in part by a computing device comprising: 

a. identifying a first condition for association with the permission set, wherein 
the first condition references a first element of evidence, wherein the first element 
of evidence is implicitly trusted and wherein the permission set is used to control 
operation of the code assembly during run-time; (col. 7:38-59; 10:27-56) 
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b. determining whether the first condition is satisfied by the first element of 
evidence (10:27-56); 

c. associating the permission set with the code assembly, if the first condition 
is satisfied. (10:57-62) 

15. Gong does not disclose identifying a second condition for associating with the 
permission set, wherein the second condition references a second element of evidence, 
wherein the second element of evidence is initially untrusted, determining whether the 
second element of evidence should be trusted based on the first condition; determining 
whether the second condition is satisfied by the second element of evidence and 
associating the permission set with the code assembly if both the first and second 
condition are satisfied. Drews discloses a method and system to determine whether 
code is authorized to be executed by a platform, wherein the downloaded code includes 
a digitally signed manifest, and wherein the signed manifest of the code uses a 
certificate chain associated to delegate the signing authority from one source to 
another. This enables a code signed by an untrusted source to be deemed trusted if 
the chain of certificate ultimately is signed by a trusted source. In particular, Drews 
discloses: 

d. identifying a first condition for association with a permission set (whether 
the code is permitted to be executed), wherein the first condition references a 
first element of evidence, wherein the first element of evidence is implicitly 
trusted (fig. 2, reference no. 280; col. 4:60-65); 
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e. identifying a second condition for association with the permission set, 
wherein the second condition references a second element of evidence, wherein 
the second element of evidence is initially untrusted (col. 5:5-18, certificate[N], 
1<=N<K); 

f. determining whether the first condition is satisfied by the first element of 
evidence; determining whether the second element of evidence should be trusted 
based on the first condition; determining whether the second condition is satisfied 
by the second element of evidence (col. 5:5-18); and 

g. associating the permission set with the code assembly, if both the first 
condition and the second condition are satisfied (fig. 5B, especially reference no. 
580). 

16. Hence, it would be obvious to one of ordinary skill in the art at the time the 
invention was made to combine the system and method of verifying the authority of 
software using certificate chains as taught by Drews with the invention of Gong such 
that the invention of Gong further includes identifying a second condition for associating 
with the permission set, wherein the second condition references a second element of 
evidence, wherein the second element of evidence is initially untrusted, determining 
whether the second element of evidence should be trusted based on the first condition; 
determining whether the second condition is satisfied by the second element of 
evidence and associating the permission set with the code assembly if both the first and 
second condition are satisfied. One would be motivated to do so to enable delegation 
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of signing authorization from one source to another as taught by Drews. (5:5-6) The 
aforementioned cover the limitations of claim 1 . 

17. As per claims 2-5, the rejection of claim 1 under 35 U.S.C. 103(a) are 
incorporated herein, (supra) In addition, the operation of receiving at least a first and 
second condition comprises: 

a. receiving the first condition and the first element, and the second condition 
and the second element respectively, within a membership criterion; and 

b. receiving the first element and second element of evidence based on 
references in the membership criterion. (Gong, col. 7:60-8:37; 9:28-37; Drews, 
coL 2:57-3:7; 4:45-5:4) 

It would be obvious to one of ordinary skill in the art at the time the invention was made 
to combine the system and method of verifying the authority of software using certificate 
chains as taught by Drews with the invention of Gong. One would be motivated to do 
so to enable delegation of signing authorization from one source to another as taught by 
Drews. (5:5-6) The aforementioned cover the limitations of claims 2-5. 

18. As per claims 8 and 9, the rejection of claim 1 under 35 U.S.C. 103(a) is 
incorporated herein, (supra) In addition, the method further comprises 

h. generating a collection of code groups, each code group being associated 
with a membership criterion and a permission set, wherein the first condition and 
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the second condition are received in the membership criterion associated with 
one of the code groups (Gong, col. 9:9-18; Drews, col. 2:57-3:7); and 
i. determining whether the code assembly is a member of the code group, 
based on the membership criterion (Gong, 10:40-56); and 
j. the associating operation associates the permission set of the code group 
with the code assembly, if the code assembly is determined to be a member of 
the code group. (Gong, 10:57-62) 
It would be obvious to one of ordinary skill in the art at the time the invention was made 
to combine the system and method of verifying the authority of software using certificate 
chains as taught by Drews with the invention of Gong. One would be motivated to do 
so to enable delegation of signing authorization from one source to another as taught by 
Drews. (5:5-6) The aforementioned cover the limitations of claims 8 and 9. 

19. As per claim 10, the rejection of claim 1 under 35 U.S.C. 103(a) is incorporated 
herein, (supra) In addition, the method further comprising: 

k. receiving at least a third condition referencing a third element of evidence, 

wherein the third element is initially untrusted; 

I. determining whether the third element of evidence should be untrusted 
based on the second condition; and 

m. determining whether the third condition is satisfied by the third element of 
the evidence, wherein the associating operation comprises associating the 
permission set with the code assembly, if the first condition, the second 
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condition, and the third condition are satisfied (Drews, col. 4:60-5:19; the 
certificate chain comprises of k certificates, the certificate[l< - 2] corresponds to 
the third element). 

It would be obvious to one of ordinary skill in the art at the time the invention was made 
to combine the system and method of verifying the authority of software using certificate 
chains as taught by Drews with the invention of Gong. One would be motivated to do 
so to enable delegation of signing authorization from one source to another as taught by 
Drews. (5:5-6) The aforementioned cover the limitations of claim 10. 

20. As per claims 11-16, the rejections of claims 1-5 and 8-10 under 35 U.S.C. 
103(a) are incorporated herein, (supra) In addition, the code group is used to define a 
category of related code assemblies (Gong, col. 9:1 1-18), and the first element of 
evidence is independent of other evidence and conditions (the subject certificate is at 
the top of the certificate chain). 

21 . As per claims 1 7 and 1 9-21 , the rejections of claims 1 -5 and 8-1 0 under 35 USC 
103(a) are incorporated herein, (supra) In addition. Gong discloses one or more first 
conditions are received (col. 9:11-13; fig. 4 reference, no. 406), and at least one first 
element of evidence includes initially untrusted evidence and at least one indication 
includes initially untrusted evidence (7:53-56; 10:52-56); furthermore, inherent in a 
computer process that generates an indication for satisfiability of a first condition, is an 
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indication for each first condition that is not satisfied. The aforementioned cover the 
limitations of claims 1 7 and 19-21. 



Claim Rejections - 35 USC § 103 

22. Claim 18 is rejected under 35 U.S.C. 103(a) as being unpatentable over Gong in 
view of Drews, and further in view of Al-Salqan USPN 6,687,823 (hereinafter Al- 
Salqan). 

23. As per claim 18, the rejection of claim 17 under 35 USC 103(a) is incorporated 
herein, (supra) Drews further discloses evaluating each signature on an untrusted 
certificate along the certificate chain to determine satisfiability of the conditions. 
However, Drews does not disclose associating values to the conditions, summing the 
values, then evaluating the sum against a threshold to determine satisfiability. Al- 
Salqan discloses collecting several authentication tests, wherein each test is assigned a 
weight, summing the collected weights of the tests passed by the user, and allowing the 
user access if the sum is greater than a certain threshold (fig. 2b; col. 2:7-24). Hence, it 
would be obvious to one of ordinary skill in the art to associate values to the conditions, 
summing the values, then evaluating the sum against a threshold to determine 
satisfiability since it is desirable to provide a priority or strength to each test for a more 
flexible means of determining satisfiability of a condition. (Al-Salqan, 1 :50-63) The 
aforementioned cover the limitations of claim 18. 
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Conclusion 

24. Applicanf's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Communications Inquiry 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jung W. Kim whose telephone number is 571-272-3804. 
The examiner can normally be reached on M-F 9:00-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




Jung W Kim 
Examiner 
Art Unit 21 32 
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